commit: 5c7413eb085a2bf6ba4453e004a8c938308360ab Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Tue Jun 3 04:22:05 2025 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Tue Jun 3 04:22:05 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5c7413eb
net-wireless/wpa_supplicant: fix scanning on broadcom-wl based adapters Closes: https://bugs.gentoo.org/956555 Thanks-to: Gregor Feierabend <gf.devel <AT> pm.me> Signed-off-by: Sam James <sam <AT> gentoo.org> .../wpa_supplicant-2.11-broadcom-wl-scanning.patch | 224 ++++++++++ .../wpa_supplicant/wpa_supplicant-2.11-r4.ebuild | 452 +++++++++++++++++++++ 2 files changed, 676 insertions(+) diff --git a/net-wireless/wpa_supplicant/files/wpa_supplicant-2.11-broadcom-wl-scanning.patch b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.11-broadcom-wl-scanning.patch new file mode 100644 index 000000000000..10ebeaa78e99 --- /dev/null +++ b/net-wireless/wpa_supplicant/files/wpa_supplicant-2.11-broadcom-wl-scanning.patch @@ -0,0 +1,224 @@ +https://bugs.gentoo.org/956555 +https://lists.infradead.org/pipermail/hostap/2025-May/043475.html + +diff --git a/src/drivers/driver.h b/src/drivers/driver.h +index 3e77474..4c2803e 100644 +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -2450,6 +2450,10 @@ struct wpa_driver_capa { + unsigned int mbssid_max_interfaces; + /* Maximum profile periodicity for enhanced MBSSID advertisement */ + unsigned int ema_max_periodicity; ++ ++ /* Maximum number of bytes of extra IE(s) that can be added to Probe ++ * Request frames */ ++ size_t max_probe_req_ie_len; + }; + + +diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c +index e6fbad9..f8f2949 100644 +--- a/src/drivers/driver_nl80211.c ++++ b/src/drivers/driver_nl80211.c +@@ -11124,7 +11124,8 @@ static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen) + "capa.max_sched_scan_plan_interval=%u\n" + "capa.max_sched_scan_plan_iterations=%u\n" + "capa.mbssid_max_interfaces=%u\n" +- "capa.ema_max_periodicity=%u\n", ++ "capa.ema_max_periodicity=%u\n" ++ "capa.max_probe_req_ie_len=%zu\n", + drv->capa.key_mgmt, + drv->capa.enc, + drv->capa.auth, +@@ -11149,7 +11150,8 @@ static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen) + drv->capa.max_sched_scan_plan_interval, + drv->capa.max_sched_scan_plan_iterations, + drv->capa.mbssid_max_interfaces, +- drv->capa.ema_max_periodicity); ++ drv->capa.ema_max_periodicity, ++ drv->capa.max_probe_req_ie_len); + if (os_snprintf_error(end - pos, res)) + return pos - buf; + pos += res; +diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c +index dc16bd4..9ce6334 100644 +--- a/src/drivers/driver_nl80211_capa.c ++++ b/src/drivers/driver_nl80211_capa.c +@@ -959,6 +959,10 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg) + capa->max_scan_ssids = + nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]); + ++ if (tb[NL80211_ATTR_MAX_SCAN_IE_LEN]) ++ capa->max_probe_req_ie_len = ++ nla_get_u16(tb[NL80211_ATTR_MAX_SCAN_IE_LEN]); ++ + if (tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]) + capa->max_sched_scan_ssids = + nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS]); +@@ -1196,6 +1200,10 @@ static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv, + info->capa = &drv->capa; + info->drv = drv; + ++ /* Default to large buffer of extra IE(s) to maintain previous behavior ++ * if the driver does not support reporting an accurate limit. */ ++ info->capa->max_probe_req_ie_len = 1500; ++ + feat = get_nl80211_protocol_features(drv); + if (feat & NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP) + flags = NLM_F_DUMP; +diff --git a/src/drivers/driver_nl80211_scan.c b/src/drivers/driver_nl80211_scan.c +index b055e68..184df49 100644 +--- a/src/drivers/driver_nl80211_scan.c ++++ b/src/drivers/driver_nl80211_scan.c +@@ -224,6 +224,11 @@ nl80211_scan_common(struct i802_bss *bss, u8 cmd, + if (params->extra_ies) { + wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs", + params->extra_ies, params->extra_ies_len); ++ if (params->extra_ies_len > drv->capa.max_probe_req_ie_len) ++ wpa_printf(MSG_INFO, ++ "nl80211: Extra IEs for scan do not fit driver limit (%zu > %zu) - this is likely to fail", ++ params->extra_ies_len, ++ drv->capa.max_probe_req_ie_len); + if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len, + params->extra_ies)) + goto fail; +diff --git a/wpa_supplicant/mbo.c b/wpa_supplicant/mbo.c +index 59b15da..117b30c 100644 +--- a/wpa_supplicant/mbo.c ++++ b/wpa_supplicant/mbo.c +@@ -460,6 +460,10 @@ void wpas_mbo_scan_ie(struct wpa_supplicant *wpa_s, struct wpabuf *ie) + { + u8 *len; + ++ if (wpa_s->drv_max_probe_req_ie_len < ++ 9 + ((wpa_s->enable_oce & OCE_STA) ? 3 : 0)) ++ return; ++ + wpabuf_put_u8(ie, WLAN_EID_VENDOR_SPECIFIC); + len = wpabuf_put(ie, 1); + +diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c +index 85c1ea8..29b18e0 100644 +--- a/wpa_supplicant/mesh.c ++++ b/wpa_supplicant/mesh.c +@@ -602,7 +602,8 @@ void wpa_supplicant_mesh_add_scan_ie(struct wpa_supplicant *wpa_s, + /* EID + 0-length (wildcard) mesh-id */ + size_t ielen = 2; + +- if (wpabuf_resize(extra_ie, ielen) == 0) { ++ if (ielen <= wpa_s->drv_max_probe_req_ie_len && ++ wpabuf_resize(extra_ie, ielen) == 0) { + wpabuf_put_u8(*extra_ie, WLAN_EID_MESH_ID); + wpabuf_put_u8(*extra_ie, 0); + } +diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c +index 8b59e40..a600502 100644 +--- a/wpa_supplicant/scan.c ++++ b/wpa_supplicant/scan.c +@@ -750,17 +750,20 @@ static struct wpabuf * wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s) + ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, + sizeof(ext_capab), NULL); + if (ext_capab_len > 0 && ++ (size_t) ext_capab_len < wpa_s->drv_max_probe_req_ie_len && + wpabuf_resize(&extra_ie, ext_capab_len) == 0) + wpabuf_put_data(extra_ie, ext_capab, ext_capab_len); + + #ifdef CONFIG_INTERWORKING + if (wpa_s->conf->interworking && ++ wpa_s->drv_max_probe_req_ie_len >= 2 && + wpabuf_resize(&extra_ie, 100) == 0) + wpas_add_interworking_elements(wpa_s, extra_ie); + #endif /* CONFIG_INTERWORKING */ + + #ifdef CONFIG_MBO +- if (wpa_s->enable_oce & OCE_STA) ++ if ((wpa_s->enable_oce & OCE_STA) && ++ wpa_s->drv_max_probe_req_ie_len >= 5) + wpas_fils_req_param_add_max_channel(wpa_s, &extra_ie); + #endif /* CONFIG_MBO */ + +@@ -774,17 +777,19 @@ static struct wpabuf * wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s) + &wpa_s->wps->dev, + wpa_s->wps->uuid, req_type, + 0, NULL); +- if (wps_ie) { +- if (wpabuf_resize(&extra_ie, wpabuf_len(wps_ie)) == 0) +- wpabuf_put_buf(extra_ie, wps_ie); +- wpabuf_free(wps_ie); +- } ++ if (wps_ie && ++ wpabuf_len(wps_ie) <= wpa_s->drv_max_probe_req_ie_len && ++ wpabuf_resize(&extra_ie, wpabuf_len(wps_ie)) == 0) ++ wpabuf_put_buf(extra_ie, wps_ie); ++ wpabuf_free(wps_ie); + } + + #ifdef CONFIG_P2P + if (wps) { + size_t ielen = p2p_scan_ie_buf_len(wpa_s->global->p2p); +- if (wpabuf_resize(&extra_ie, ielen) == 0) ++ ++ if (ielen <= wpa_s->drv_max_probe_req_ie_len && ++ wpabuf_resize(&extra_ie, ielen) == 0) + wpas_p2p_scan_ie(wpa_s, extra_ie); + } + #endif /* CONFIG_P2P */ +@@ -794,12 +799,14 @@ static struct wpabuf * wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s) + #endif /* CONFIG_WPS */ + + #ifdef CONFIG_HS20 +- if (wpa_s->conf->hs20 && wpabuf_resize(&extra_ie, 9) == 0) ++ if (wpa_s->conf->hs20 && wpa_s->drv_max_probe_req_ie_len >= 9 && ++ wpabuf_resize(&extra_ie, 9) == 0) + wpas_hs20_add_indication(extra_ie, -1, 0); + #endif /* CONFIG_HS20 */ + + #ifdef CONFIG_FST + if (wpa_s->fst_ies && ++ wpa_s->drv_max_probe_req_ie_len >= wpabuf_len(wpa_s->fst_ies) && + wpabuf_resize(&extra_ie, wpabuf_len(wpa_s->fst_ies)) == 0) + wpabuf_put_buf(extra_ie, wpa_s->fst_ies); + #endif /* CONFIG_FST */ +@@ -813,7 +820,8 @@ static struct wpabuf * wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s) + if (wpa_s->vendor_elem[VENDOR_ELEM_PROBE_REQ]) { + struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_PROBE_REQ]; + +- if (wpabuf_resize(&extra_ie, wpabuf_len(buf)) == 0) ++ if (wpa_s->drv_max_probe_req_ie_len >= wpabuf_len(buf) && ++ wpabuf_resize(&extra_ie, wpabuf_len(buf)) == 0) + wpabuf_put_buf(extra_ie, buf); + } + +diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c +index 037bfa3..940042f 100644 +--- a/wpa_supplicant/wpa_supplicant.c ++++ b/wpa_supplicant/wpa_supplicant.c +@@ -7393,12 +7393,15 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, + capa.mac_addr_rand_sched_scan_supported) + wpa_s->mac_addr_rand_supported |= + (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO); ++ wpa_s->drv_max_probe_req_ie_len = capa.max_probe_req_ie_len; + + wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); + if (wpa_s->extended_capa && + wpa_s->extended_capa_len >= 3 && + wpa_s->extended_capa[2] & 0x40) + wpa_s->multi_bss_support = 1; ++ } else { ++ wpa_s->drv_max_probe_req_ie_len = 1500; + } + #ifdef CONFIG_PASN + wpa_pasn_sm_set_caps(wpa_s->wpa, wpa_s->drv_flags2); +diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h +index 110a864..8b7993f 100644 +--- a/wpa_supplicant/wpa_supplicant_i.h ++++ b/wpa_supplicant/wpa_supplicant_i.h +@@ -922,6 +922,7 @@ struct wpa_supplicant { + unsigned int drv_enc; + unsigned int drv_rrm_flags; + unsigned int drv_max_acl_mac_addrs; ++ size_t drv_max_probe_req_ie_len; + + /* + * A bitmap of supported protocols for probe response offload. See + diff --git a/net-wireless/wpa_supplicant/wpa_supplicant-2.11-r4.ebuild b/net-wireless/wpa_supplicant/wpa_supplicant-2.11-r4.ebuild new file mode 100644 index 000000000000..751826fea8b9 --- /dev/null +++ b/net-wireless/wpa_supplicant/wpa_supplicant-2.11-r4.ebuild @@ -0,0 +1,452 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit desktop linux-info qmake-utils readme.gentoo-r1 systemd toolchain-funcs + +DESCRIPTION="IEEE 802.1X/WPA supplicant for secure wireless transfers" +HOMEPAGE="https://w1.fi/wpa_supplicant/"; +LICENSE="|| ( GPL-2 BSD )" + +if [ "${PV}" = "9999" ]; then + inherit git-r3 + EGIT_REPO_URI="https://w1.fi/hostap.git"; +else + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" + SRC_URI="https://w1.fi/releases/${P}.tar.gz"; +fi + +SLOT="0" +IUSE="+ap broadcom-sta dbus eap-sim eapol-test +fils gui macsec +mbo +mesh p2p privsep readline selinux smartcard tkip uncommon-eap-types wep wps" + +# CONFIG_PRIVSEP=y does not have sufficient support for the new driver +# interface functions used for MACsec, so this combination cannot be used +# at least for now. bug #684442 +REQUIRED_USE=" + macsec? ( !privsep ) + mesh? ( ap ) + p2p? ( ap wps ) + privsep? ( !macsec ) + broadcom-sta? ( !fils !mesh !mbo ) +" + +DEPEND=" + >=dev-libs/openssl-1.0.2k:= + dbus? ( sys-apps/dbus ) + kernel_linux? ( + >=dev-libs/libnl-3.2:3 + eap-sim? ( sys-apps/pcsc-lite ) + ) + !kernel_linux? ( net-libs/libpcap ) + gui? ( + dev-qt/qtbase:6[gui,widgets] + dev-qt/qtsvg:6 + ) + readline? ( + sys-libs/ncurses:0= + sys-libs/readline:0= + ) +" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-networkmanager ) + kernel_linux? ( + net-wireless/wireless-regdb + ) +" +BDEPEND="virtual/pkgconfig" + +DOC_CONTENTS=" + If this is a clean installation of wpa_supplicant, you + have to create a configuration file named + /etc/wpa_supplicant/wpa_supplicant.conf + An example configuration file is available for reference in + /usr/share/doc/${PF}/ +" + +S="${WORKDIR}/${P}/${PN}" + +Kconfig_style_config() { + #param 1 is CONFIG_* item + #param 2 is what to set it = to, defaulting in y + CONFIG_PARAM="${CONFIG_HEADER:-CONFIG_}$1" + setting="${2:-y}" + + if [ ! $setting = n ]; then + #first remove any leading "# " if $2 is not n + sed -i "/^# *$CONFIG_PARAM=/s/^# *//" .config || echo "Kconfig_style_config error uncommenting $CONFIG_PARAM" + #set item = $setting (defaulting to y) + if ! sed -i "/^$CONFIG_PARAM\>/s/=.*/=$setting/" .config; then + echo "Kconfig_style_config error setting $CONFIG_PARAM=$setting" + fi + if [ -z "$( grep ^$CONFIG_PARAM= .config )" ] ; then + echo "$CONFIG_PARAM=$setting" >>.config + fi + else + #ensure item commented out + if ! sed -i "/^$CONFIG_PARAM\>/s/$CONFIG_PARAM/# $CONFIG_PARAM/" .config; then + echo "Kconfig_style_config error commenting $CONFIG_PARAM" + fi + fi +} + +src_prepare() { + default + + # net/bpf.h needed for net-libs/libpcap on Gentoo/FreeBSD + sed -i \ + -e "s:\(#include <pcap\.h>\):#include <net/bpf.h>\n\1:" \ + ../src/l2_packet/l2_packet_freebsd.c || die + + # Change configuration to match Gentoo locations (bug #143750) + sed -i \ + -e "s:/usr/lib/opensc:/usr/$(get_libdir):" \ + -e "s:/usr/lib/pkcs11:/usr/$(get_libdir):" \ + wpa_supplicant.conf || die + + # systemd entries to D-Bus service files (bug #372877) + echo 'SystemdService=wpa_supplicant.service' \ + | tee -a dbus/*.service >/dev/null || die + + cd "${WORKDIR}/${P}" || die + + # bug (320097) + eapply "${FILESDIR}/${PN}-2.6-do-not-call-dbus-functions-with-NULL-path.patch" + + # bug (912315) + eapply "${FILESDIR}/${PN}-2.10-allow-legacy-renegotiation.patch" + + # bug (948052) + eapply "${FILESDIR}/${PN}-2.10-use-qt6.patch" + + # bug (937452) + eapply "${FILESDIR}/${PN}-2.11-Revert-Mark-authorization-completed-on-driver-indica.patch" + + # bug (956555) + eapply "${FILESDIR}/${PN}-2.11-broadcom-wl-scanning.patch" + + # bug (640492) + sed -i 's#-Werror ##' wpa_supplicant/Makefile || die +} + +src_configure() { + # Toolchain setup + tc-export CC PKG_CONFIG + + cp defconfig .config || die + + # Basic setup + Kconfig_style_config CTRL_IFACE + Kconfig_style_config MATCH_IFACE + Kconfig_style_config BACKEND file + Kconfig_style_config IBSS_RSN + Kconfig_style_config IEEE80211W + Kconfig_style_config IEEE80211R + Kconfig_style_config HT_OVERRIDES + Kconfig_style_config VHT_OVERRIDES + Kconfig_style_config OCV + Kconfig_style_config TLSV11 + Kconfig_style_config TLSV12 + Kconfig_style_config GETRANDOM + + # Basic authentication methods + # NOTE: we don't set GPSK or SAKE as they conflict + # with the below options + Kconfig_style_config EAP_GTC + Kconfig_style_config EAP_MD5 + Kconfig_style_config EAP_OTP + Kconfig_style_config EAP_PAX + Kconfig_style_config EAP_PSK + Kconfig_style_config EAP_TLV + Kconfig_style_config EAP_EXE + Kconfig_style_config IEEE8021X_EAPOL + Kconfig_style_config PKCS12 + Kconfig_style_config PEERKEY + Kconfig_style_config EAP_LEAP + Kconfig_style_config EAP_MSCHAPV2 + Kconfig_style_config EAP_PEAP + Kconfig_style_config EAP_TEAP + Kconfig_style_config EAP_TLS + Kconfig_style_config EAP_TTLS + + # Enabling background scanning. + Kconfig_style_config BGSCAN_SIMPLE + Kconfig_style_config BGSCAN_LEARN + + if use dbus ; then + Kconfig_style_config CTRL_IFACE_DBUS + Kconfig_style_config CTRL_IFACE_DBUS_NEW + Kconfig_style_config CTRL_IFACE_DBUS_INTRO + else + Kconfig_style_config CTRL_IFACE_DBUS n + Kconfig_style_config CTRL_IFACE_DBUS_NEW n + Kconfig_style_config CTRL_IFACE_DBUS_INTRO n + fi + + if use eapol-test ; then + Kconfig_style_config EAPOL_TEST + fi + + # Enable support for writing debug info to a log file and syslog. + Kconfig_style_config DEBUG_FILE + Kconfig_style_config DEBUG_SYSLOG + + if use mbo ; then + Kconfig_style_config MBO + else + Kconfig_style_config MBO n + fi + + if use uncommon-eap-types; then + Kconfig_style_config EAP_GPSK + Kconfig_style_config EAP_SAKE + Kconfig_style_config EAP_GPSK_SHA256 + Kconfig_style_config EAP_IKEV2 + Kconfig_style_config EAP_EKE + fi + + if use eap-sim ; then + # Smart card authentication + Kconfig_style_config EAP_SIM + Kconfig_style_config EAP_AKA + Kconfig_style_config EAP_AKA_PRIME + Kconfig_style_config PCSC + fi + + if use readline ; then + # readline/history support for wpa_cli + Kconfig_style_config READLINE + else + #internal line edit mode for wpa_cli + Kconfig_style_config WPA_CLI_EDIT + fi + + Kconfig_style_config TLS openssl + Kconfig_style_config FST + + Kconfig_style_config EAP_PWD + if use fils; then + Kconfig_style_config FILS + Kconfig_style_config FILS_SK_PFS + fi + if use mesh; then + Kconfig_style_config MESH + else + Kconfig_style_config MESH n + fi + # WPA3 + Kconfig_style_config OWE + Kconfig_style_config SAE + Kconfig_style_config DPP + Kconfig_style_config DPP2 + Kconfig_style_config SUITEB192 + Kconfig_style_config SUITEB + + if use wep ; then + Kconfig_style_config WEP + else + Kconfig_style_config WEP n + fi + + # Watch out, reversed logic + if use tkip ; then + Kconfig_style_config NO_TKIP n + else + Kconfig_style_config NO_TKIP + fi + + if use smartcard ; then + Kconfig_style_config SMARTCARD + else + Kconfig_style_config SMARTCARD n + fi + + if use kernel_linux ; then + # Linux specific drivers + Kconfig_style_config DRIVER_ATMEL + Kconfig_style_config DRIVER_HOSTAP + Kconfig_style_config DRIVER_IPW + Kconfig_style_config DRIVER_NL80211 + Kconfig_style_config DRIVER_RALINK + Kconfig_style_config DRIVER_WEXT + Kconfig_style_config DRIVER_WIRED + + if use macsec ; then + #requires something, no idea what + #Kconfig_style_config DRIVER_MACSEC_QCA + Kconfig_style_config DRIVER_MACSEC_LINUX + Kconfig_style_config MACSEC + else + # bug #831369 and bug #684442 + Kconfig_style_config DRIVER_MACSEC_LINUX n + Kconfig_style_config MACSEC n + fi + fi + + # Wi-Fi Protected Setup (WPS) + if use wps ; then + Kconfig_style_config WPS + Kconfig_style_config WPS2 + # USB Flash Drive + Kconfig_style_config WPS_UFD + # External Registrar + Kconfig_style_config WPS_ER + # Universal Plug'n'Play + Kconfig_style_config WPS_UPNP + # Near Field Communication + Kconfig_style_config WPS_NFC + else + Kconfig_style_config WPS n + Kconfig_style_config WPS2 n + Kconfig_style_config WPS_UFD n + Kconfig_style_config WPS_ER n + Kconfig_style_config WPS_UPNP n + Kconfig_style_config WPS_NFC n + fi + + # Wi-Fi Direct (WiDi) + if use p2p ; then + Kconfig_style_config P2P + Kconfig_style_config WIFI_DISPLAY + else + Kconfig_style_config P2P n + Kconfig_style_config WIFI_DISPLAY n + fi + + # Access Point Mode + if use ap ; then + Kconfig_style_config AP + else + Kconfig_style_config AP n + fi + + # Enable essentials for AP/P2P + if use ap || use p2p ; then + # Enabling HT support (802.11n) + Kconfig_style_config IEEE80211N + + # Enabling VHT support (802.11ac) + Kconfig_style_config IEEE80211AC + fi + + # Enable mitigation against certain attacks against TKIP + Kconfig_style_config DELAYED_MIC_ERROR_REPORT + + if use privsep ; then + Kconfig_style_config PRIVSEP + fi + + if use kernel_linux ; then + Kconfig_style_config LIBNL32 + fi + + if use gui ; then + pushd "${S}"/wpa_gui-qt4 > /dev/null || die + eqmake6 wpa_gui.pro + popd > /dev/null || die + fi +} + +src_compile() { + einfo "Building wpa_supplicant" + emake V=1 BINDIR=/usr/sbin + + if use gui ; then + einfo "Building wpa_gui" + emake -C "${S}"/wpa_gui-qt4 + fi + + if use eapol-test ; then + emake eapol_test + fi +} + +src_install() { + dosbin wpa_supplicant + use privsep && dosbin wpa_priv + dobin wpa_cli wpa_passphrase + + newinitd "${FILESDIR}/${PN}-init.d" wpa_supplicant + newconfd "${FILESDIR}/${PN}-conf.d" wpa_supplicant + + exeinto /etc/wpa_supplicant/ + newexe "${FILESDIR}/wpa_cli-r1.sh" wpa_cli.sh + + readme.gentoo_create_doc + dodoc ChangeLog {eap_testing,todo}.txt README{,-WPS} \ + wpa_supplicant.conf + + newdoc .config build-config + + if [ "${PV}" != "9999" ]; then + doman doc/docbook/*.{5,8} + fi + + if use gui ; then + into /usr + dobin wpa_gui-qt4/wpa_gui + doicon wpa_gui-qt4/icons/wpa_gui.svg + domenu wpa_gui-qt4/wpa_gui.desktop + else + rm "${ED}"/usr/share/man/man8/wpa_gui.8 + fi + + if use dbus ; then + pushd "${S}"/dbus > /dev/null || die + insinto /etc/dbus-1/system.d + newins dbus-wpa_supplicant.conf wpa_supplicant.conf + insinto /usr/share/dbus-1/system-services + doins fi.w1.wpa_supplicant1.service + popd > /dev/null || die + + # This unit relies on dbus support, bug 538600. + systemd_dounit systemd/wpa_supplicant.service + fi + + if use eapol-test ; then + dobin eapol_test + fi + + systemd_dounit "systemd/[email protected]" + systemd_dounit "systemd/[email protected]" + systemd_dounit "systemd/[email protected]" +} + +pkg_postinst() { + readme.gentoo_print_elog + + if [[ -e "${EROOT}"/etc/wpa_supplicant.conf ]] ; then + echo + ewarn "WARNING: your old configuration file ${EROOT}/etc/wpa_supplicant.conf" + ewarn "needs to be moved to ${EROOT}/etc/wpa_supplicant/wpa_supplicant.conf" + fi + if ! use wep; then + einfo "WARNING: You are building with WEP support disabled, which is recommended since" + einfo "this protocol is deprecated and insecure. If you still need to connect to" + einfo "WEP-enabled networks, you may turn this flag back on. With this flag off," + einfo "WEP-enabled networks will not even show up as available." + einfo "If your network is missing you may wish to USE=wep" + fi + if ! use tkip; then + ewarn "WARNING: You are building with TKIP support disabled, which is recommended since" + ewarn "this protocol is deprecated and insecure. If you still need to connect to" + ewarn "TKIP-enabled networks, you may turn this flag back on. With this flag off," + ewarn "TKIP-enabled networks, including mixed mode TKIP/AES-CCMP will not even show up" + ewarn "as available. If your network is missing you may wish to USE=tkip" + fi + + # Mea culpa, feel free to remove that after some time --mgorny. + local fn + for fn in wpa_supplicant{,@wlan0}.service; do + if [[ -e "${EROOT}"/etc/systemd/system/network.target.wants/${fn} ]] + then + ebegin "Moving ${fn} to multi-user.target" + mv "${EROOT}"/etc/systemd/system/network.target.wants/${fn} \ + "${EROOT}"/etc/systemd/system/multi-user.target.wants/ || die + eend ${?} \ + "Please try to re-enable ${fn}" + fi + done + + systemd_reenable wpa_supplicant.service +}
